Dr S N Henson wrote:
> > I make the verification using a call to X509_verify_cert.
> > When the call returns, they are some errors left in the error stack from
> > a call to check_issued to check if the check is self-signed or not.
> > Is this a normal behaviour ?
> >
>
> That shouldn't happen unless you set the X509_V_FLAG_CB_ISSUER_CHECK
> flag. What specific error are you getting?
I wasn't very clear.
The return code is one, telling me that there is no error, but
X509_STORE_CTX_get_error gives me an error value of 29 (subject issuer
mismatch).
I was afraid this error would be stored somewhere and be annoying later, but
I've realised now it's freed when I call X509_STORE_CTX_free, therefore it's
probably a non-issue.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
